Hi everyone I recently sent to the kernel mailing lists a patch set to support PGP keys and signatures. Other than allowing the appraisal of RPM headers without changes to the building infrastructure, it would also simplify key management for the use cases requiring file or fsverity signatures (no need for a secondary key). This is the link of the patch set: https://lore.kernel.org/linux-integrity/20220111180318.591029-1-roberto.sassu@xxxxxxxxxx/ One point of the discussion was if there is the need to support PGP in the kernel, or if a distribution should adapt its key management to be compatible with key types currently available in the kernel. It would be great if you could comment on this patch set, from the perspective of people managing a Linux distribution. Also, any thought related to the patch set would be appreciated. Thanks Roberto HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Li Peng, Zhong Ronghua _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
